A significant growth in insurance claims related to data breaches has been seen through 2016.
That’s according to figures from CFC Underwriting which said that it had handled more than 400 claims on cyber-breach policies that it had issued.
The majority of the claims, around 90%, are coming from businesses that have less than £50m in revenue, with a disproportionate number of claims being made by British firms.
According to Graeme Newman, chief innovation officer at CFC Underwriting, “This is largely down to the fact that on the whole, UK businesses have a lower level of security maturity than their US counterparts,” he told the BBC.
Figures coming out from the underwriter claim show that claims on CFC policies were up 78% on 2015.
Privacy breaches and theft, or financial loss, were said to be the most common claims filed, while Ransomware, where data is encrypted and held at ransom until a fee is paid, came in third.
The CIO said that cyber-insurance is now becoming a necessity to help businesses to cope with the volume of attacks being faced and that insurers are acting similarly to an “incident response service.”
Insurance agencies are now increasingly offering security, data forensics, and PR firms to respond to filed claims, he said.
According to PwC, the majority of policies in the UK are for a few million pounds and that the highest cover that firms can buy in the UK is £25m.
However, the largest policies in the US cover up to $100m, or £80m.
Insurance policies that cover cyber-breaches are likely to be increasingly popular for smaller firms, which is why the majority of claims are for smaller fees. That is because for many small firms it is difficult for them to run an internal security unit.
Running an internal security unit has not always proved effective as a deterrent to would be hackers and it is not only small businesses that are being targeted. Yahoo for example disclosed details of another hack dating back to 2013 where more than one billion user accounts may have been affected.